Skip to content

Commit

Permalink
Merge pull request #260 from gopcua/issue-259-clear-cert-for-none
Browse files Browse the repository at this point in the history 
Do not send the certificate thumbprint for security mode None
  • Loading branch information
@magiconair
magiconair authored Aug 21, 2019
2 parents 66809f8 + 159c674 commit df55217
Showing 1 changed file with 10 additions and 1 deletion.
11 changes: 10 additions & 1 deletion uasc/message.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -105,10 +105,19 @@ type Message struct {
func NewMessage(srv interface{}, typeID uint16, cfg *Config) *Message {
switch typeID {
case id.OpenSecureChannelRequest_Encoding_DefaultBinary, id.OpenSecureChannelResponse_Encoding_DefaultBinary:
// Do not send the thumbprint for security mode None
// even if we have a certificate.
//
// See https://github.com/gopcua/opcua/issues/259
thumbprint := cfg.Thumbprint
if cfg.SecurityMode == ua.MessageSecurityModeNone {
thumbprint = nil
}

return &Message{
MessageHeader: &MessageHeader{
Header: NewHeader(MessageTypeOpenSecureChannel, ChunkTypeFinal, cfg.SecureChannelID),
AsymmetricSecurityHeader: NewAsymmetricSecurityHeader(cfg.SecurityPolicyURI, cfg.Certificate, cfg.Thumbprint),
AsymmetricSecurityHeader: NewAsymmetricSecurityHeader(cfg.SecurityPolicyURI, cfg.Certificate, thumbprint),
SequenceHeader: NewSequenceHeader(cfg.SequenceNumber, cfg.RequestID),
},
TypeID: ua.NewFourByteExpandedNodeID(0, typeID),
Expand Down

0 comments on commit df55217

Please sign in to comment.